About

Who we are

Blueprint is an information security consultancy based in Melbourne, Australia. We provide specialist advice on how to best protect your valuable business information. We help you get a clear picture of your risks and implement an information security strategy tailored to your business.

What makes Blueprint different

Independent Advice

At Blueprint we provide independent advice. We don’t promote or resell IT security products so there’s no hidden agenda.

We are experts

We’re highly experienced, accredited information security experts, and passionate about what we do.

Experience and Accreditation:

Blueprint Information Security has been operating for over 15 years.

We have worked with clients in a variety of different industries. Highlights include:

  • Assisting multiple clients to achieve ISO 27001 certification.
  • Developing a comprehensive suite of information security policies for many organisations, including a Big Four Australian bank.
  • Creating a risk management framework and supporting tools for a major Australian retail enterprise.
  • Developing business continuity management policies, procedures and plans for a global health service provider.
  • Assisting an international legal firm to implement controls in the Australian Government Information Security Manual and prepare for an IRAP assessment.

We have experience working with a variety of information security standards, guidelines and regulations. These include:

  • The ISO 27000 range of standards.
  • Australian Government Information Security Manual (ISM).
  • Australian Prudential Regulation Authority (APRA) standards CPS 230 and CPS 234.
  • NIST Cybersecurity Framework (CSF)
  • SOC 2
  • Australian Government Protective Security Policy Framework (PSPF)
  • Australian Privacy Act.
  • Security of Critical Infrastructure Act (SOCI)
  • Payment Card Industry Data Security Standard (PCI DSS).

Our Managing Director

Jake Smith is an information security and risk management consultant with over twenty-five years experience in the information security field, both in Australia and Europe. Jake’s specialist skills and experience include:

  • Information security planning and strategy
  • ISO 27001 ISMS implementation
  • Information security auditing
  • IRAP and ISM consulting and assessments
  • Information security policy development
  • Business continuity management
  • Development of information risk management frameworks and tools

Jake has consulted to a diverse range of clients in the finance, telecommunications, government, legal, health, manufacturing, utilities, and IT sectors. Coming from both an IT security and business management background, Jake has a unique insight into how technical security controls can be aligned with business objectives.

Jake has worked with many Australian and international information security and risk management standards, including the Australian Government Information Security Manual (ISM), the ISO/IEC 27000 range, ISO 31000, PCI DSS, APRA CPS 234 and CPS 230, and NIST CSF.

Jake holds professional memberships with the Australian Information Security Association (AISA – Honorary Life Member), the Information Systems Audit & Control Association (ISACA), and (ISC)². He is also a member of the Standards Australia IT-012-04 Committee which helps develop the ISO/IEC 27000 range of standards. As a member of this Committee, Jake was involved in the development of the latest version of ISO/IEC 27001.